Serious Android Flaw Could Turn Mobile Apps Malicious
Is there a ticking time bomb in your Android-based device? This week a security firm discovered a vulnerability in the Android security model that an attacker could use to turn legitimate mobile applications into a dangerous attack platform.
The weakness, identified in the Android security model that validates mobile applications, enables an attacker to bypass the Google Play security mechanism that reviews changes to applications before they are sent to users.
The vulnerability was reported to Google and has been corrected. But the security firm that discovered the flaw, San Francisco-based Bluebox Security, said millions of Android devices remain vulnerable.